<?php
header('Content-type:text/html; Charset=utf-8');
ini_set('date.timezone', 'Asia/Shanghai');
$data_s = file_get_contents('php://input');
$data_s = json_decode($data_s, true);
//统一下单
function wechartAddOrder($name, $ordernumber, $money, $openid, $timeStamp, $noncestr)
{
    $url = "https://api.mch.weixin.qq.com/v3/pay/transactions/jsapi";
    $urlarr = parse_url($url);
    $appid = '小程序APPID'; //appID
    $mchid = '微信支付商户ID'; //商户ID
    $xlid = '微信支付公钥序列号'; //秘钥序列号 可在这个网址中查询 https://myssl.com/cert_decode.html
    $data = array();
    $time = $timeStamp;
    $data['appid'] = $appid;
    $data['mchid'] = $mchid;
    $data['description'] = $name; //商品描述
    $data['out_trade_no'] = $ordernumber; //订单编号
    $data['notify_url'] = "你的域名/你的支付目录路径/notify.php"; //回调接口 需根据自己的情况修改
    $data['amount']['total'] = intval($money * 1); //金额 单位 分
    $data['payer']['openid'] = $openid; //用户openID
    $data = json_encode($data);
    $key = getSign($data, $urlarr['path'], $noncestr, $time); //签名
    $token = sprintf('mchid="%s",serial_no="%s",nonce_str="%s",timestamp="%d",signature="%s"', $mchid, $xlid, $noncestr, $time, $key); //头部信息

    $header  = array(
        'Content-Type:' . 'application/json; charset=UTF-8',
        'Accept:application/json',
        'User-Agent:*/*',
        'Authorization: WECHATPAY2-SHA256-RSA2048 ' . $token
    );
    $ret = curl_post_https($url, $data, $header);
    $ret = ltrim($ret, '{"prepay_id":"');
    $ret = rtrim($ret, '}"');
    //微信支付（小程序）签名
    $str = getWechartSign($appid, $timeStamp, $noncestr, 'prepay_id=' . $ret);
    $arr = array('appid' => $appid, 'timestamp' => $timeStamp, 'package' => 'prepay_id=' . $ret, 'paySign' => $str);
    exit(json_encode($arr));
}
$set_body = '支付测试'; //支付显示内容
$price = '1'; //支付金额
$out_trade_no = $data_s['out_trade_no']; //订单号
$timeStamp = $data_s['timeStamp']; //时间戳
$openid = $data_s['openid'];
$noncestr = $data_s['nonceStr'];

wechartAddOrder($set_body, $out_trade_no, $price, $openid, $timeStamp, $noncestr);


//微信支付签名
function getSign($data = array(), $url, $randstr, $time)
{
    $str = "POST" . "\n" . $url . "\n" . $time . "\n" . $randstr . "\n" . $data . "\n";
    $key = file_get_contents('apiclient_key.pem'); //在商户平台下载的秘钥
    $str = getSha256WithRSA($str, $key);
    return $str;
}

//调起支付的签名
function getWechartSign($appid, $timeStamp, $noncestr, $prepay_id)
{
    $str = $appid . "\n" . $timeStamp . "\n" . $noncestr . "\n" . $prepay_id . "\n";
    $key = file_get_contents('apiclient_key.pem');
    $str = getSha256WithRSA($str, $key);
    return $str;
}

function getSha256WithRSA($content, $privateKey)
{
    $binary_signature = "";
    $algo = "SHA256";
    openssl_sign($content, $binary_signature, $privateKey, $algo);
    $sign = base64_encode($binary_signature);
    return $sign;
}

/* PHP CURL HTTPS POST */
function curl_post_https($url, $data, $header)
{ // 模拟提交数据函数
    $curl = curl_init(); // 启动一个CURL会话
    curl_setopt($curl, CURLOPT_URL, $url); // 要访问的地址
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); // 对认证证书来源的检查
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1); // 从证书中检查SSL加密算法是否存在
    curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); // 使用自动跳转
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1); // 自动设置Referer
    curl_setopt($curl, CURLOPT_POST, 1); // 发送一个常规的Post请求
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data); // Post提交的数据包
    curl_setopt($curl, CURLOPT_TIMEOUT, 30); // 设置超时限制防止死循环
    curl_setopt($curl, CURLOPT_HEADER, 0); // 显示返回的Header区域内容
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); // 获取的信息以文件流的形式返回

    curl_setopt($curl, CURLOPT_HTTPHEADER, $header);
    $tmpInfo = curl_exec($curl); // 执行操作
    if (curl_errno($curl)) {
        echo 'Errno' . curl_error($curl); //捕抓异常
    }
    curl_close($curl); // 关闭CURL会话
    return $tmpInfo; // 返回数据，json格式
}
